Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Full Disclosure: tar alternative

tar alternative

From: Tim <tim-security_at_sentinelchicken.org>
Date: Fri, 8 Sep 2006 16:02:44 -0400

> Don't. Untar. Archives. As. Root.
>
> It's that simple.
>
> Or are you also going to complain about the fact that there are tar
> versions out there that don't strip a leading / from the archive?
> Much fun can be had when you carelessly extract as root, then.

Hello,

Sorry to change the subject slightly here on this thread, but I was
wondering about this before the topic came up.

Given the problems with using the tar format for file distribution, are
there any other simple, non-compressed file-grouping formats out there
that weren't originally designed for backups (e.g. don't contain
usernames, permissions, etc)? Something that can be a drop-in
replacement for tar and thus can integrate with gzip/bzip2 easily?
(Don't even say .zip)

There's probably one out there I'm completely naive about, but I haven't
seen one yet that would be a safer alternative.

thanks,
tim

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Received on Sep 08 2006

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]